SUSE CVE-2026-46096

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic tpm2readpublic calls tpmbufinit but fails to call tpmbufdestroy on two exit paths, leaking a page allocation: 1. When namesize returns an error unrecognized hash algorith...

SUSE CVE-2026-46097

In the Linux kernel, the following vulnerability has been resolved: Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e "Input: edt-ft5x06 - use per-client debugfs directory" removed the manual debugfs teardown, relying on the I2C core to handle it. However, this...

SUSE CVE-2026-46098

In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown caifconnect can tear down an existing client after remote shutdown by calling caifdisconnectclient followed by caiffreeclient. caiffreeclient releases the service layer referenc...

SUSE CVE-2026-46100

In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmapprepare change Partially reverts commit 9d5403b1036c "fs: convert most other genericfilemmap users to .mmapprepare". This is because the .mmap invocation establishes a refcount, but .mmapprepare is called at a...

SUSE CVE-2026-46101

In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nftbitwise Reject zero shift operands for nftbitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using...

SUSE CVE-2026-46102

In the Linux kernel, the following vulnerability has been resolved: net: strparser: fix skbhead leak in strpabortstrp When the stream parser is aborted, for example after a message assembly timeout, it can still hold a reference to a partially assembled message in strp-skbhead. That skb is not...

SUSE CVE-2026-46103

In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

CVE-2026-45871

A flaw was found in the Linux kernel's Trusted Platform Module TPM subsystem. When the getburstcount function encounters an error, the st33zp24 driver fails to release a previously acquired resource. This oversight can lead to resource exhaustion, potentially allowing a local attacker to cause a...

CVE-2026-45872

A flaw was found in the Linux kernel's scsi: smartpqi driver. The pqireportphysluns function fails to properly release allocated memory buffers under certain error conditions, such as encountering an unsupported data format or failed memory allocation. This oversight leads to a memory leak, which...

CVE-2026-45874

A flaw was found in the Linux kernel, within the phy: freescale: imx8qm-hsio component. This vulnerability occurs when a specific pointer, refclkpad, is not properly initialized and is later used without validation. This can lead to a NULL pointer dereference, which may cause the system to crash...

CVE-2026-45876

A flaw was found in the Linux kernel. Improper error handling in the archsetshadowstackstatus function, specifically related to allocgcs, could lead to the use of an invalid Global Context Structure GCS address. This issue may allow a local attacker to cause system instability or a denial of...

CVE-2026-45875

A flaw was found in the Linux kernel, specifically within the mfd: arizona driver. When the wm5102clearwritesequencer helper encounters an error, it may fail to properly release system resources regulators. This oversight can lead to a resource leak, potentially causing system instability or a...

CVE-2026-45879

A flaw was found in the Linux kernel's bq25980 power supply driver. A race condition during interrupt handling can lead to a use-after-free vulnerability, where the system attempts to access memory that has already been released. This can be triggered when an interrupt fires after the power suppl...

CVE-2026-45880

A flaw was found in the Linux kernel's PCI/P2PDMA subsystem. When the vminsertpage function fails during memory allocation, the system does not properly release a per-CPU reference for the page map. This oversight can lead to a resource leak, causing the memunmappages function to hang indefinitel...

CVE-2026-45882

A flaw was found in the Linux kernel's power supply subsystem, specifically in the pm8916bmsvm driver. A race condition during the deallocation and unregistration of the powersupply handle and its interrupt handler can lead to a use-after-free vulnerability. This allows an interrupt to be process...

CVE-2026-45883

A flaw was found in the Linux kernel, specifically within the iio: sca3000 module. This resource management vulnerability occurs when the iiodeviceregister function fails, as a system resource spi-irq is not properly released. This oversight can lead to a resource leak, potentially impacting syst...

CVE-2026-45884

A flaw was found in the Linux kernel's AppArmor module. A local attacker could exploit an integer underflow vulnerability in the aagetbuffer function. This flaw prevents buffers from being returned to the global list, potentially leading to resource exhaustion and a Denial of Service DoS conditio...

CVE-2026-45885

A flaw was found in the Linux kernel's cpcap-battery power supply driver. A race condition exists during the removal of the powersupply handle, where an interrupt can fire after the handle is freed but before the interrupt handler is unregistered. This use-after-free vulnerability can lead to...

CVE-2026-45887

A flaw was found in the Linux kernel's afunix subsystem. This vulnerability, a memory leak, occurs in the unixstreamconnect function when a specific internal operation fails to release allocated memory. Over time, this unreleased memory could accumulate, potentially leading to system instability ...

CVE-2026-45888

A flaw was found in the Linux kernel's md/raid1 module. This vulnerability occurs when the raid1run function calls setupconf to register a thread, but a subsequent failure in raid1setlimits prevents the proper unregistration of this thread. This oversight leads to a memory leak, consuming system...